On Wed, 2004-12-29 at 16:39, jc pinoteau wrote:
> > I have occasionally seen this. I could be mistaken here. My
> > impression is that it occurs when all nameservers for the domain are
> > inside that domain, and apparently the glue A records for those
> > nameservers expired before the NS records themselves. It seems that,
> > in those conditions, bind won't be able to resolve the address
> > properly until the NS records time out.

>
> It's an interesting hypothesis. In my case it happens almost every day and
> mostly with mainstream website like google or yahoo. My bind can't resolve
> while the forwarder can.
>
>


Perhaps because the forwarder allows tcp connections whereas your system
only allows udp.


> > Some time ago, I set "max-cache-ttl 43200 ;" in my options. I don't
> > recall seeing the problem since then -- at least not on my servers.
> > I still see it on some other campus servers which lack that option
> > setting. Incidently, the reason for the option setting was unrelated
> > to this problem.

--
G. Roderick Singleton
PATH tech